Iran Cyber Threat Perspectives

We operate in a constantly connected and virtual world where politics, economics and business are intertwined like weather, the seasons and the climate. The old adage about the butterfly beating its wings causes a hurricane on the other side of the world applies here. But in reverse. Tectonic political motions can create microquakes across the globe that often fail to register on the Richter scale of mass media, yet have significant consequences for those directly affected.

The recent airstrikes by the U.S. that killed Iranian General, Qasem Soleimani on January 2nd, and the January 8th Iranian launched missiles that struck an Iraqi base where U.S. personnel are stationed, are such a case.

These macro events often herald the beginning of increased efforts by known threat actors and groups like APT33, APT34, APT35, and APT39 with ties to Iran that choose cyber targets of opportunity for economic gain or to cause chaos under the banner of righteous revenge. It’s less about their political agenda, like those that defaced multiple U.S. government sites, but rather about how hacks against banks, law firms, and hospitals negatively impact the business and harm their clients and patients.

Like a major earthquake, the following days bring aftershocks until the globe returns to an equilibrium. It’s a time for heightened vigilance. I urge you to read our latest security advisory which details these events and provides useful recommendations to weather any potential cyber aftershocks.